Digital Assets, Real Returns

Back to Blog
Regulatory Horizons: Post-2025 AI rules for banks and asset managers with Capital AI?

Regulatory Horizons: Post-2025 AI rules for banks and asset managers with Capital AI?

D Dan Brave
24 min read

Regulatory Horizons: Post 2025 AI Rules for Banks and Asset Managers with Capital AI maps a changed safety net for the financial sector as regulators move from process checks to outcomes that reflect real risk. The piece explains why agencies pursue Basel inspired capital simplification, enhanced liquidity rules, and interoperable supervision across FDIC, OCC and other authorities, while maintaining pro growth incentives. It highlights how AML BSA modernization will lean on AI to improve signal quality, reduce false positives, and increase risk prioritization, alongside governance requirements such as explainability dashboards and data lineage. It covers tokenized deposits and pass through insurance, the evolving stance on shelf charters, rapid resolution tools, and the potential use of Fed facilities as liquidity inputs. The analysis emphasizes practical implications for banks and asset managers: calibrating risk weights to actual risk, updating CAMELS ratings in a single stack framework, and building resilient data and technology infrastructures to support compliant, innovative products. The goal is clarity on how reforms balance safety, growth, and regulator expectations.

This is for you if:

  • You are a senior executive at a bank or asset manager evaluating AI risk governance and regulatory readiness.
  • You need a practical map of interagency reforms, Basel inspired capital simplification, and AML BSA modernization to plan compliance investments.
  • You want concrete steps, verification checkpoints, and governance dashboards to implement reforms.
  • You are assessing the implications of tokenized deposits, shelf charters, and rapid resolution on product design and capital strategy.
  • You require a framework to balance safety and growth while aligning with regulator expectations.

Regime architecture and governance

Interagency coordination

Regulatory reform in the post-2025 era is designed to be purposeful and coordinated across the FDIC, the OCC, and other federal banking agencies. This coordination aims to harmonize capital, liquidity, and supervision standards so large banks, regional institutions, and nonbanks moving into insured arenas operate under a shared risk framework. Such alignment reduces regulatory fragmentation, lowers the cost of compliance, and helps firms plan long-term investments with clearer expectations. It also creates a fertile ground for joint examinations and coordinated enforcement actions, which can reduce duplicative oversight and improve the speed of responses during stress. The overarching objective is to enable consistent risk signaling while preserving the flexibility needed for innovation in a dynamic market environment.

Supervision evolution and CAMELS in a modern regime

The supervisory philosophy shifts from a checkbox, process-driven regime to an outcome-based approach that centers on material risks and actual regulatory violations. This requires regulators to redefine what constitutes risk materiality, focus on consumer harm, and tighten the lens on enforcement actions where law and regulation are violated. A move toward a single-stack capital model and a redesigned CAMELS framework is anticipated, with examiner training updated to reflect new priorities and to ensure consistency across examinations. In practice, this means supervision will increasingly target real-world harm signals, product materiality, and governance weaknesses rather than procedural compliance alone. The change promises to reward proactive risk management and transparent governance with smoother market functioning and more predictable supervisory outcomes.

Capital and liquidity in a Basel-inspired world

Regulators contemplate a simpler, Basel-inspired single stack for capital that reduces the layering of risk weights while preserving sensitivity to genuine risk. The intent is to align domestic capital rules more closely with international standards where feasible, easing cross-border comparability without compromising safety and financial stability. This approach invites careful calibration for U.S. specifics, ensuring that mortgage, consumer, and corporate lending risk weights reflect actual risk profiles rather than historical distortions. The regime also seeks to balance domestic needs with Basel goals, avoiding gold-plating while maintaining adequate buffers to support resilience during downturns or stress events.

Securitization dynamics and tokenized deposits

Expect reforms to securitization risk weights and collateral recognition to become more coherent across product lines, reducing ambiguity in risk signaling. As digital transformation introduces tokenized deposits and new forms of money, regulators will clarify how these instruments fit within existing insurance and regulatory structures, including pass-through insurance considerations. The goal is to preserve market functionality and funding flexibility while ensuring that risk weights, capital treatment, and consumer protections reflect the evolving nature of securitization and digital asset interfaces. Clearer rules will help market participants design securitization structures and wallet-based deposits without inadvertently bypassing safeguards.

Liquidity resilience and LCR enhancements

Liquidity resilience is expected to improve through enhancements to the LCR, with potential credit from central bank facilities incorporated as inputs in liquidity calculations. This requires precise definitions of high-quality liquid assets (HQLA) and robust methodologies to assess net cash outflows in stress scenarios. The balance to strike is between strengthening resilience for acute liquidity stress and preserving access to funding for growth-oriented institutions. Regulators aim to prevent lopsided incentives-where firms chase artificial liquidity metrics-while ensuring that the LCR remains forward-looking and risk sensitive in a rapidly evolving funding landscape.

Capital and liquidity standards

Basel alignment and single stack

The drive toward Basel-aligned, simplified capital rules is intended to reduce complexity, improve risk sensitivity, and support consistent capital planning. A single stack approach is expected to harmonize treatment of core risk categories, while allowing for domestic considerations that reflect U.S. lending markets and regulatory priorities. Transitional challenges are likely for smaller banks, which may require phased implementations or tailored calibrations to avoid disproportionate burdens while preserving comparability with larger institutions.

Liquidity standards and funding sources

Enhanced liquidity standards will incorporate diverse funding sources and new data inputs to reflect real-time funding dynamics. Regulators may consider central bank facilities as part of liquidity calculations, recognizing their role during systemic stress. Banks will need to adjust liquidity risk management practices, update funded capacity models, and ensure visibility into funding concentration and redundancy. The aim is to bolster resilience without constraining legitimate growth or innovation in product design and delivery.

Nonbank and shelf charter implications

Pathways for rapid entry or shelf charters for nonbanks entering insured deposit spaces are under consideration. These pathways must be aligned with capital and liquidity expectations to avoid creating regulatory gaps or misaligned incentives. The governance framework will scrutinize how nonbanks compete with traditional depositories, ensuring consumer protections, appropriate insurance treatment, and sound risk management accompany any accelerated entry into the regulated system.

Portfolio risk weight adjustments

Anticipated adjustments will refine risk weights by product line to better reflect real-world risk, with caution against over-weighting or "gold plating.” Changes will depend on rulemaking and interagency guidance, and institutions will need to align portfolio strategies with updated risk sensitivity. The focus remains on accurate risk signaling for lending, securitization, and credit risk management, enabling banks to allocate capital and manage risk more effectively without suppressing legitimate lending activity.

AML BSA modernization and technology

Technology-driven risk management

Technology-enabled risk management, including AI and machine learning, will play a central role in enhancing signal quality, reducing false positives, and enabling risk-based prioritization. Regulators expect governance controls that ensure automation augments human judgment rather than replacing it. Information sharing mechanisms, including FinCEN-related channels, will support faster and more accurate risk signaling while preserving privacy and data protection standards. Financial institutions will need to demonstrate a robust control environment, model risk management, and clear escalation protocols for suspicious activity and regulatory inquiries.

Data governance and privacy

Robust data governance, data lineage, and data provenance are foundational to defensible AI monitoring and compliant operations. Privacy protections and data-sharing constraints must be embedded into every AML ecosystem-from onboarding to ongoing monitoring and reporting. This requires systematic data quality controls, auditable data flows, and explicit governance ownership to prevent data leakage or misuse while enabling layered analytics that enhance detection capabilities without compromising customer trust.

Onboarding and CIP exemptions

Pre-populated information and carefully scoped CIP exemptions could streamline onboarding while preserving risk controls and client protection. The framework will balance efficiency gains with due diligence requirements, ensuring that automated onboarding does not erode the ability to identify sanctioned entities, money launderers, or other high-risk profiles. Firms will need to document how exemptions are applied, monitor for material changes in risk, and maintain traceability for regulator reviews.

Market integrity and consumer protection

AI in consumer protection and fair lending

The regulatory emphasis will shift toward actual consumer harm rather than purely procedural compliance. This reorientation implies tighter scrutiny of AI-driven decisions in lending, pricing, and product recommendations, with a critical view of disparate impact and fairness. Explainability and transparency will be central to consumer-facing AI outputs, enabling customers and regulators to understand how decisions are made and ensuring accountability for unintended discrimination or bias. Firms will need governance controls to identify, measure, and mitigate harm in real-time customer journeys.

Regulatory clarity for AI-enabled products

Clear disclosures and governance oversight will be expected for AI-enabled products and services. Regulators will require transparent design choices, ongoing accountability for outcomes, and robust governance dashboards that track performance, risk, and consumer impact. The aim is to foster trust while ensuring that AI-driven interactions and recommendations meet high standards of fairness, safety, and compliance across all customer touchpoints.

Emergency authorizations and quick deployment

Regulators are exploring emergency carve-outs or exceptions to accelerate shelf charter deployment in failed-bank events. The safeguards designed to prevent abuse will be central to maintaining safety and soundness, including predefined governance checks, rapid access controls, and post-entry oversight that remains consistent with established resolution principles. The emphasis is on reducing time to resolution without creating new systemic risks or compromising depositor protection.

Concrete steps to adoption (ordered)

  1. Map reform areas to current risk profiles and product mixes across the organization.
  2. Identify interagency coordination points and draft joint policy milestones to align planning and execution timelines.
  3. Develop a single-stack capital plan that harmonizes Basel concepts with domestic constraints where needed.
  4. Design updated liquidity plans that incorporate potential central bank inputs and stress-test scenarios.
  5. Establish AML BSA modernization roadmaps with AI governance guardrails and data governance standards.
  6. Clarify policy for tokenized deposits and pass-through insurance decisions, including guardrails for consumer protection.
  7. Draft shelf charter readiness and rapid resolution playbooks for potential use cases and bidder scenarios.
  8. Prepare governance structures and training for examiners, governance boards, and senior management to ensure consistent enforcement and oversight.

Verification checkpoints

  • Board sign-off on governance and risk management changes for AI-driven processes.
  • Independent validation of data lineage and model risk management for AML and fraud detection tools.
  • Interagency milestones documented with alignment on capital, liquidity, and due diligence standards.
  • Public disclosures and customer education materials updated to reflect new AI governance and risk controls.

Regulatory Horizons: Post-2025 AI Rules for Banks and Asset Managers with Capital AI

Follow-up questions

As the reforms unfold, practitioners will want concrete guidance on timing, sequencing, and governance. The questions below reflect high-priority concerns for banks, asset managers, and regulators seeking to translate proposed rules into actionable programs. The intent is to surface areas where early actions yield the greatest risk reduction and where collaboration across agencies and with the industry will clarify expectations. These prompts also help shape public commentary and investor communications by focusing on measurable milestones, governance structures, and customer protections.

  • What are the explicit timelines for each rulemaking, and how will interim guidance be published to reduce ambiguity for risk owners and boards?
  • How will interagency consistency be demonstrated in capital, liquidity, and AML modernization to minimize regulatory arbitrage across institutions of different sizes?
  • What governance metrics will regulators require for AI-enabled AML programs (Evals, model risk management, and audit trails) and how will ongoing validation be validated by internal and external reviewers?
  • Which elements of tokenized deposits will receive pass-through insurance, and what safeguards will ensure consumer protections without chilling innovation?
  • How will shelf charters be integrated with existing resolution protocols, and what accountability mechanisms prevent misuse or rapid competitive distortions?
  • What steps should firms take now to align data governance, data lineage, and privacy controls with anticipated reporting and supervision standards?
  • How will the balance between pro-growth objectives and safety be monitored over time, and what triggers will prompt recalibration of risk weights or liquidity inputs?
  • What guidance will be provided to smaller community banks to ensure transitional relief does not erode safety and soundness?

FAQ

What is the core focus of post-2025 AI rules for banks and asset managers?

The core focus centers on supervision reform, capital and liquidity framework changes, modernization of AML/BSA requirements, and governance for AI-driven processes. The aim is to align risk management with faster, technology-enabled oversight while preserving growth and stability.

How will interagency coordination shape rule development?

Expect joint rulemakings and consistent standards across major agencies to avoid fragmentation. Coordination seeks to harmonize capital, liquidity, and supervisory practices so banks and asset managers face a predictable regulatory environment.

What role does AI play in AML and consumer protection?

AI will improve risk prioritization, surveillance effectiveness, and transaction monitoring, supported by explainability and strong governance. Regulators will require transparent data handling, bias controls, and robust model risk management to protect consumers and preserve financial integrity.

Are tokenized deposits and shelf charters clearly defined yet?

Definitions will emerge through formal guidance and rulemaking. The discussion will focus on insurance treatment, regulatory reach, and how rapid resolution mechanisms interact with contemporary digital asset interfaces.

What should banks start doing now to prepare?

Establish an AI governance framework, strengthen data lineage and quality, pilot AI-enabled controls with measurable risk indicators, and align capital and liquidity planning with anticipated changes.

Definitions

CAMELS
A supervisory rating system covering Capital, Asset quality, Management, Earnings, Liquidity, and Sensitivity to risk.
LCR
Liquidity Coverage Ratio, requires banks to hold high-quality liquid assets to cover 30 days of net cash outflows.
eSLR
Enhanced Supplementary Leverage Ratio, a capital standard for large banking organizations.
Basel
International capital and liquidity standards adopted and implemented in the United States through domestic rulemakings and adjustments.
Pass-through insurance
FDIC insurance treatment that passes to end depositors through intermediaries in certain structures.
Tokenized deposits
Deposits recorded on a digital ledger or tokenized record that may be treated under insurance rules as applicable.
Shelf charter
A provisional charter enabling rapid entry in failed bank scenarios and enabling quicker bidding and resolution actions.
AML
Anti-Money-Laundering regulatory framework, AMLA is the modernization act referenced in several reforms.
FinCEN
Financial Crimes Enforcement Network, the U.S. Treasury bureau responsible for financial crime enforcement.
AML BSA modernization
Regulatory updates designed to modernize the Bank Secrecy Act and related anti-money-laundering regimes using technology and risk-based approaches.

Table: Key reform themes and implementation considerations

Topic Proposed Change Key Questions Risks and Tradeoffs
Capital structure Move toward a Basel-inspired single stack Will simplification reduce complexity without sacrificing risk sensitivity for small banks? Transitional costs, potential misalignment for smaller institutions without phased relief
Liquidity rules Enhanced LCR with potential central-bank input How will central-bank inputs affect funding strategies during crises? Calibration risk, risk of encouraging short-term liquidity optimization
AML modernization AI-driven surveillance with governance guardrails How to balance signal quality with privacy and vendor risk? Model bias and data-sharing concerns
Tokenized deposits Clarify insurance treatment and regulatory oversight What structures will be eligible for pass-through insurance? Regulatory uncertainty and rapid innovation risk
Shelf charters Emergency entry pathways for rapid resolution readiness What safeguards prevent misuse? Potential for regulatory complexity and market distortions

Sources and references

Implementation wrap-up and verification

Step-by-step implementation (ordered)

  1. Consolidate interagency planning by publishing a joint implementation roadmap that maps each reform area to existing risk profiles, product lines, and customer segments. This milestone sets the governance cadence and clarifies accountability across the FDIC, OCC, and other agencies.
  2. Finalize the Basel-inspired single-stack capital framework in coordination with domestic considerations. Develop transitional rules for smaller institutions to preserve credit access while phasing in simplified risk weights and revised CAMELS expectations.
  3. Design updated liquidity plans that incorporate potential central bank inputs and new data sources. Build a framework for real-time liquidity monitoring, including scenarios that test rapid funding reversals and Fed facility utilization.
  4. Roll out AML BSA modernization guidance with explicit governance guardrails. Establish AI-enabled surveillance pilots, but require documented model risk management, explainability, and independent validation prior to full deployment.
  5. Implement tokenized deposits and pass-through insurance policy workstreams. Define eligibility, governance controls, and consumer protections to prevent regulatory loopholes while enabling responsible innovation.
  6. Activate shelf charter preparedness and rapid resolution playbooks. Create a cross-institution governance layer to manage bidder eligibility, DIF impact, and post-entry oversight without compromising resolution objectives.
  7. Institutionalize data governance and privacy controls as a core enabler of AI-driven oversight. Implement data lineage, provenance tracking, and audit trails across onboarding, monitoring, and reporting processes.
  8. Develop a comprehensive workforce plan for training examiners, risk managers, and senior leadership. Include ongoing education in AI governance, model risk, consumer protection, and cross-border considerations.
  9. Establish consumer-facing governance dashboards and Evals that demonstrate bias controls, explainability, and accountability for AI-enabled products and services.
  10. Launch a phased pilot program to test the full end-to-end framework-capital, liquidity, AML, and consumer protection-before scale-up, with predefined success metrics and exit criteria.

Verification checkpoints

  • Board and senior management sign-off on the integrated governance framework and risk appetite statements for AI-enabled activities.
  • Independent validation of data lineage and model risk management for AML and fraud detection tools completed and documented.
  • Interagency milestones tracked with published status updates, and any deviations publicly explained.
  • Public disclosures, customer communications, and education materials updated to reflect new governance and risk controls.
  • Operational resilience tests executed, including recovery plans for AI-driven intraday processing and critical decision points.

Troubleshooting and edge cases

  • Overreliance on automation without sufficient human oversight. Fix by embedding human-in-the-loop reviews for high-risk decisions and critical onboarding steps.
  • Data lineage gaps that undermine model integrity. Fix with end-to-end data mapping, access controls, and regular audits of data sources.
  • Shadow risk signals from multi-vendor environments. Fix through consolidated vendor risk management, cross-vendor testing, and clear escalation paths.
  • Regulatory ambiguity slowing deployment. Fix by issuing interim guidance tied to concrete milestones and updating policy language as rulemakings progress.
  • Inadequate consumer education around AI decisions. Fix with tiered disclosures, plain-language explanations, and customer opt-out options where feasible.

Table: Implementation timeline and milestones

Phase Key Activities Owner/Co-owners Timeframe Success Metrics
Phase 1 - Governance alignment Publish joint implementation roadmap, confirm interagency roles FDIC, OCC, other agencies 0–3 months Formal agreement on milestones, interagency cadence established
Phase 2 - Capital and CAMELS modernization Finalize single-stack plan, begin CAMELS redesign Risk management offices, examiners 3–9 months Approved policy text, training materials updated, pilot risk weights defined
Phase 3 - Liquidity and funding resilience Update LCR methodology, test central-bank inputs Treasury, risk analysts 6–12 months Stress-tested liquidity models, governance dashboards in place
Phase 4 - AML/BSA modernization AI pilot programs, governance guardrails Compliance, technology teams 9–15 months Validated AI models, documented MRAs and controls
Phase 5 - Tokenized deposits and pass-through insurance Policy drafting, framework for insurance treatment Regulatory policy, legal 12–18 months Clear guidance, compliant product design ready for pilots
Phase 6 - Shelf charters and rapid resolution readiness Resolution playbooks, bidder eligibility, DIF impact analysis Resolution planning, industry partners 12–24 months Operational shelf-charm readiness, governance guardrails tested
Phase 7 - Pilot and scale End-to-end pilots, measure against efficiency and risk signals Institutions, regulators 18–30 months Validated outcomes, plan for broader roll-out

Gaps and opportunities

Even with a detailed reform plan, several gaps remain where further clarity can improve execution. First, explicit timelines for rulemakings and interim guidance are essential for downstream planning and risk governance. Second, practical benchmarks and KPIs tied to CAMELS modernization, CMS outcomes, and liquidity resilience would help boards translate policy into daily risk management. Third, sector-specific playbooks for community banks versus megabanks would address unique capabilities and resource constraints. Fourth, comprehensive guidance on data privacy, cross-border data sharing, and model risk governance in AI-enabled supervision remains a priority to prevent unintended regulatory friction. Finally, more real-world case studies-covering onboarding, risk scoring, and consumer outcomes-would provide a meaningful evidence base for governance dashboards and Evals. These gaps represent opportunities to create a more credible, auditable path from policy to practice.

Link inventory

Sources and references

Regulatory Horizons: Post-2025 AI Rules for Banks and Asset Managers with Capital AI

Credibility foundations for Regulatory Horizons research

  • The analysis rests on PwC Strategy& AI material and AGILE/EDGE references as the foundational framework for governance and risk management in post-2025 AI rules. Source
  • The AGILE framework components-Awareness, Guardrails, Innovation, Learning, Ecosystem Resiliency-are presented as core elements of responsible AI adoption in financial services, grounded in the cited material. Source
  • EDGE principles (Explainability, Data, Governance, Ethics) are cited as essential for establishing governance and accountability in AI deployments. Source
  • Quantified benefits from AI are highlighted, including a potential up to 15 percentage points improvement in the efficiency ratio for banks that mature AI capabilities. Source
  • Practical cost reductions are demonstrated by AI-enabled onboarding, with estimates around a 40% decrease in verification costs for commercial banking clients. Source
  • Front-office enhancements through AI are shown to raise lead conversion and customer engagement metrics by as much as 30%. Source
  • Middle-office automation driven by AI is projected to reallocate up to half of staff to higher-value activities, signaling meaningful productivity gains. Source
  • Back-office modernization enabled by modular AI infrastructure can deliver roughly a 50% improvement in productivity and processing speed. Source
  • Governance dashboards and Evals are identified as central to maintaining regulator trust and providing ongoing oversight of AI systems. Source
  • A phased approach to AI deployment-pilots followed by scaled rollouts-supports measurable learning, risk containment, and iterative improvement. Source
  • An API-first, modular architecture is recommended to accelerate integration of AI with legacy banking systems, enabling scalable deployment. Source
  • A Basel-inspired single-stack capital framework is discussed as a path to simplifying risk weighting while preserving risk sensitivity in the U.S. context. Source

Foundational Sources for Regulatory Horizons Research

  • PwC Strategy& AI material overview: http://www.pwc.com/structure
  • AGILE framework components in governance: http://www.pwc.com/structure
  • EDGE governance principles for AI adoption: http://www.pwc.com/structure
  • Potential efficiency uplift from mature AI capabilities: http://www.pwc.com/structure
  • AI-driven onboarding cost reductions evidence: http://www.pwc.com/structure
  • AI-enhanced front-office performance metrics: http://www.pwc.com/structure
  • AI-enabled middle-office productivity gains: http://www.pwc.com/structure
  • Back-office modernization through modular AI: http://www.pwc.com/structure
  • Governance dashboards and Evals as oversight tools: http://www.pwc.com/structure
  • Phased pilots and staged scale for AI programs: http://www.pwc.com/structure
  • API-first, modular architecture guidance for integrating AI: http://www.pwc.com/structure
  • Basel-inspired single-stack capital framework rationale: http://www.pwc.com/structure

Gaps and opportunities for practical rollout of post-2025 AI rules

Even with a detailed reform blueprint, the path from policy to practice will be uneven across institutions, geographies, and product lines. The most consequential gaps are not always obvious in high‑level summaries but become clear in day‑to‑day risk management, governance, and customer interactions. A successful rollout will require concrete timelines, measurable milestones, and adaptable playbooks that acknowledge differences between large, systemic banks and smaller community lenders. The aim is to translate the interagency reform vision into actionable programs that balance safety and growth, while maintaining an ability to respond to new technologies, market shocks, and evolving consumer needs. The opportunity lies in building a credible, auditable implementation that reduces uncertainty for boards, managers, and customers alike.

Timelines and sequencing gaps

One of the most persistent gaps is the absence of explicit, public timelines for each rulemaking and phase of implementation. Without clear sequencing, risk owners struggle to link capital planning, liquidity forecasting, AML modernization, and consumer protection initiatives to concrete dates. A practical remedy is a phased implementation roadmap published by the interagency group, with interim guidance that unlocks early actions. Early milestones could cover governance alignment, initial CAMELS adjustments, and pilot programs for AML technology, followed by progressive expansions into tokenized deposits rules, shelf charter readiness, and full-scale rollouts. Publishing these milestones reduces uncertainty and supports budgeting, staffing, and system changes across institutions. Source

Metrics, KPIs and governance readiness

Governance is only as effective as the metrics that demonstrate progress. Banks will need a clear set of KPIs tied to the new CAMELS framework, capital adequacy, liquidity resilience, and AML effectiveness. Boards should monitor risk signals through updated dashboards, track the accuracy and timeliness of data lineage, and require independent validation of model risk management for AI-enabled controls. Regulators may expect documented Evals, bias checks, and transparent audit trails for AI systems. Developing these indicators early, with baseline measurements and target trajectories, helps management anticipate underperforming areas and avoid last‑minute scrambles during rulemakings.

Size-based transitional relief and calibration

Smaller community banks face different operational realities than megabanks, yet policy often defaults to a one‑size‑fits‑all approach. A credible rollout should include phased relief or tailored calibrations that preserve access to credit while preserving safety and soundness. Transitional rules might slow the pace of certain risk‑weight changes, offer extended timelines for core system upgrades, or provide targeted guidance on onboarding, data governance, and AML tooling for smaller institutions. Such calibrations reduce disruption and help maintain competitive parity across the ecosystem. Source

Data privacy and cross-border considerations

Cross-border data flows and privacy constraints will complicate AI adoption and supervision. Clarity is needed on how data sharing for AML surveillance, risk scoring, and fraud detection can occur without undermining customer privacy. Practical guidance should cover data localization requirements, consent frameworks, and robust data governance to enable compliant information exchange among banks, fintechs, and regulators. Establishing standardized data provenance practices will also support model risk management and auditability across jurisdictions.

Real-world pilots and evidence

Policymakers and industry participants benefit from transparent pilot results that show how AI-enabled onboarding, risk scoring, and transaction monitoring affect safety, efficiency, and customer outcomes. The best practice is to publish case studies and anonymized metrics from phased pilots, including learnings about false positives, false negatives, and process improvements. These evidence-based findings inform governance dashboards and help regulators calibrate expectations for subsequent scale‑ups.

Cross-agency coordination and standardization

Consistency across agencies remains essential to reduce regulatory arbitrage and ensure comparable risk signaling. A credible rollout should formalize joint policy milestones, harmonized definitions, and shared supervisory tools, while preserving the flexibility needed to tailor approaches for different business models. Visible interagency alignment reassures firms that compliance costs are not inflated by overlapping or conflicting requirements.

Vendor risk and supply chain transparency

As AI and third-party providers become central to compliance and customer interactions, governance must extend to vendor risk management. Firms should map AI supply chains end to end, implement due diligence standards for major providers, and establish contractual controls that require ongoing monitoring, performance reporting, and independent validation. Transparent governance reduces concentration risk and supports timely responses to regulator inquiries during periods of stress.

Consumer education and disclosure effectiveness

Disclosures about AI decisions and product recommendations must be comprehensible and useful to consumers. A credible rollout includes tiered disclosures, plain-language explanations, and mechanisms for customer opt‑out where feasible. Regulators will likely evaluate not just the presence of disclosures, but their impact on consumer understanding and trust. Building consumer education into product design improves outcomes and reduces the risk of misalignment between customer expectations and actual experiences.

Overall, translating the post‑2025 AI reform agenda into practice requires a disciplined, multi‑year plan that integrates governance, data, and technology into every phase of planning and execution. By addressing timelines, metrics, calibration, and evidence, banks and asset managers can move from intention to reliable, auditable performance. The result is a more resilient system that supports responsible innovation, protects consumers, and strengthens market integrity.

Future iterations of the framework should continue to publish updated milestones, share interim guidance, and document the outcomes of pilots and early deployments. This transparency will build trust with regulators, investors, and customers, while giving firms a clearer, more actionable path to modernization.

Next Steps in Regulatory Horizons for AI in Banking and Asset Management

The regulatory journey is ongoing, with rulemakings and interagency coordination continuing to evolve. Institutions should view this as a multi‑year program of disciplined execution-phased reforms, coordinated timelines, and iterative learning that align safety with growth while reducing uncertainty for boards and executives.

From a governance perspective, robust data lineage, explainability, and AI risk controls must be embedded in core operations. Treat Evals, bias monitoring, and audit trails as integral parts of daily oversight rather than optional add‑ons, and ensure governance practices scale with technology adoption across front, middle, and back offices.

When applying the reforms, use a clear decision lens: map each reform area to existing risk profiles, prioritize pilots with measurable risk reduction, and deploy governance dashboards that provide real‑time visibility into capital, liquidity, and AML effectiveness. Maintain transparent communication with regulators and preserve consumer protections throughout product design and deployment.

The path forward demands cross‑functional alignment, steady investment in data and technology, and a willingness to adapt as rule texts and guidance mature. Start now by closing obvious governance gaps, staging AI‑driven pilots, and integrating these reforms into strategic planning and risk management processes.